#
# @author Wójcik Karol <wojcikk@student.agh.edu.pl>
# @licence http://www.gnu.org/copyleft/gpl.html GNU/GPL
#

class AccountController < ApplicationController
  model   :user
  layout 'standard', :except => [:login, :index]
  
  before_filter :login_required, :except => ['index','login']
  before_filter :authorize, :only =>['groups','create','delete','show','edit','teachers','admins','list']
  
  def authorize
    if session['user'].role != "admin"
        redirect_back_or_default :controller => "error", :action => "info"
    end
  end

  
  def index
     render :action => 'login'
  end

  def groups
    @users = User.find(:all)
  end

  def login
    case request.method
      when :post
        if session['user'] = User.authenticate(params['user_login'], params['user_password'])
           session['logged'] = session['user']  
	         flash['notice']  = "Login successful"
        	  if session['user'].role == "admin"
                redirect_back_or_default :action => "welcome"
        	  else
        	      redirect_back_or_default :action => "welcome_user"
        	  end
        	  
        else
          @login    = params['user_login']
          @message  = "Login unsuccessful"
      end
    end
  end
  
  def create
    @users = User.find(:all)
    case request.method
      when :post
        @user = User.new(params['user'])
        
        if @user.save      
          session['user'] = User.authenticate(@user.login, params['user']['password'])
          flash['notice'] = "Signup successful"
          session['user'] = session['logged']
          redirect_back_or_default :action => "list"
        end
        when :get
    	    @user = User.new
    end  
  end
  
  def delete
	if params['id'] and session['user']
    	    @user = User.find(params['id'])
    	    @user.destroy
	end
	redirect_back_or_default :action => "list"
  end  
    
  def logout
    session['user'] = nil
    session['logged'] = nil
    redirect_back_or_default :action => 'login'
  end
    
  def list
    @users = User.find(:all)
  end
  
  def list_user
    @users = User.find(:all, :conditions => ["id = ?", session['user'].id ])
  end
  
  def admins
    @users = User.find(:all, :conditions => "role = 'admin'")
  end

  def teachers
    @users = User.find(:all, :conditions => "role = 'prowadzacy'")
  end

    
  def edit
    @user = User.find(params[:id])
    @users = User.find(:all)
  end
  
  def edit_user
     @user = User.find(:first, :conditions => ["id = ?", session['user'].id])
     @users = User.find(:all, :conditions => ["id = ?", session['user'].id])
  end
  
  def update
    @user = User.find(params[:id])
    @users = User.find(:all)
    if @user.update_attributes(params[:user])
      flash[:notice] = 'Mark was successfully updated.'
      if session['user'].role == "admin"
        redirect_to :action => 'show', :id => @user
      else
        redirect_to :action => 'show_user', :id => @user
      end	
    else
	if session['user'].role == "admin"
    	    render :action => 'edit'
	else 
	    render :action => 'edit_user'
	end
    end
  end
  
  def show
    @user = User.find(params[:id])
    @users = User.find(:all) 
  end
  
   def show_user
    @user = User.find(:first, :conditions => ["id = ?", session['user'].id])
    @users = User.find(:all, :conditions => ["id = ?", session['user'].id ]) 
  end
  
  
  def welcome
  end
  
  def welcome_user
  end
  
end
